$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft File: lX5Qp1--UC844-2_P0qq5mWuFIs.mft (raw, json) Hash identifier: 3l6NLcSPhkK3wpQqoeOl/PjYQbdoAewzX76rTCEMWls= Subject key identifier: FA:94:60:98:6A:17:4D:33:F8:FF:F5:BA:01:14:C9:14:6E:2C:3D:73 Authority key identifier: 95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B Certificate issuer: /CN=A91D0B0E/serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft Manifest number: A2 Signing time: Thu 07 Aug 2025 06:49:44 +0000 Manifest this update: Thu 07 Aug 2025 06:49:43 +0000 Manifest next update: Thu 14 Aug 2025 06:49:43 +0000 Files and hashes: 1: lX5Qp1--UC844-2_P0qq5mWuFIs.crl (hash: ZNVRSQsXiX03XFpPayQml0MP0+ktiVgG9pLwXCNfZ9M=) 2: A0A9D60C807511EFAD8C4257C4F9AE02.roa (hash: ItObitSQLkGH+talVc8PNR7Z2o8Aby5tjfREkgGvzVc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0B0E, serialNumber=957E50A75FBE502F38E3EDBF3F4AAAE665AE148B Validity Not Before: Aug 7 06:49:43 2025 GMT Not After : Aug 14 06:49:43 2025 GMT Subject: CN=68944c87-edce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a1:ab:40:fa:12:bd:14:c9:f5:e4:ec:a9:e2: 86:34:16:b1:c9:24:30:6b:8a:1b:c7:88:32:6d:f0: 64:ca:ae:ad:d0:53:07:0f:ee:a0:79:3f:f5:f9:6d: e1:42:e4:a8:84:9f:16:b2:e5:35:cf:e3:79:2c:4f: 6d:6a:f7:74:fc:1b:c0:49:1f:5c:de:d3:b8:1b:ae: b7:70:9b:c9:9a:46:36:d8:c0:bc:c5:90:7d:07:e7: 9a:ce:b4:ff:85:e6:4a:24:31:2b:bf:04:09:98:dd: 04:3d:7e:cd:b5:54:9d:4a:a9:55:ee:2e:92:81:47: 34:ae:0c:eb:31:14:ba:a9:21:42:dd:53:63:04:25: ed:7c:fb:b6:14:79:1c:bd:b6:58:50:34:25:d4:b7: 71:be:4d:81:ae:14:42:1a:67:0c:b9:a7:8e:99:3e: 4e:0d:7c:d9:42:3b:0d:f7:da:a6:0a:79:30:1a:24: e9:7c:f8:53:c5:20:e1:45:7f:35:67:64:91:2e:33: 1b:d6:bd:bb:41:76:1a:2d:42:1f:16:21:c0:bb:d7: 60:90:44:35:4a:08:00:c3:09:1e:2e:a7:0d:29:4a: 40:ab:d6:f1:05:85:02:94:30:8a:47:bf:dd:4e:69: 10:05:8d:c7:96:7b:47:ed:91:35:c0:ce:a7:50:65: c9:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:94:60:98:6A:17:4D:33:F8:FF:F5:BA:01:14:C9:14:6E:2C:3D:73 X509v3 Authority Key Identifier: keyid:95:7E:50:A7:5F:BE:50:2F:38:E3:ED:BF:3F:4A:AA:E6:65:AE:14:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lX5Qp1--UC844-2_P0qq5mWuFIs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0B0E/4E6CB4F6806911EF887B703CC4F9AE02/lX5Qp1--UC844-2_P0qq5mWuFIs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:76:63:10:f8:44:b4:c4:09:d7:48:46:11:7f:69:7e:9d:a0: 60:5a:e7:2c:9b:e3:1e:18:9d:50:06:cf:86:1b:9b:09:24:3e: 53:ce:57:f0:06:17:46:e0:a2:23:d1:68:7c:f5:33:de:b7:06: 5d:17:d2:f9:3e:b2:5e:79:e4:d3:82:41:ff:a1:7a:25:fb:01: 78:d2:7a:c5:85:3c:89:9a:a8:ec:3f:16:f4:f5:a6:6a:87:84: c0:16:ee:25:ed:e3:f0:c9:17:30:bd:0c:d0:f1:a0:92:64:da: 04:40:de:28:f5:f9:91:e0:4a:7c:54:6d:f5:d5:3d:54:52:5e: f0:9c:02:f5:20:6e:11:82:6c:31:46:71:2e:f7:6a:86:29:7e: fe:fb:2d:83:20:b3:e1:0f:22:33:9f:f5:1f:bb:a1:9d:6a:01: 31:15:2e:ad:30:e5:26:21:c0:78:b2:ed:c9:c2:73:1c:b1:f2: 80:5a:10:1d:d0:41:3e:93:c6:2c:46:9b:86:13:a0:38:24:4a: 85:2a:6b:65:7d:eb:01:55:9a:08:43:14:d4:a5:b1:6d:78:d0: 77:a1:a4:f4:ee:04:70:8a:c8:23:27:93:65:ce:6c:7c:47:6e: fd:1c:f6:30:40:6e:e2:b9:e0:82:24:b8:6c:33:4e:2d:af:75: d1:ae:e5:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDBCMEUxMTAvBgNVBAUTKDk1N0U1MEE3NUZCRTUwMkYzOEUzRURCRjNGNEFBQUU2 NjVBRTE0OEIwHhcNMjUwODA3MDY0OTQzWhcNMjUwODE0MDY0OTQzWjAYMRYwFAYD VQQDEw02ODk0NGM4Ny1lZGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2KGrQPoSvRTJ9eTsqeKGNBaxySQwa4obx4gybfBkyq6t0FMHD+6geT/1+W3h QuSohJ8WsuU1z+N5LE9tavd0/BvASR9c3tO4G663cJvJmkY22MC8xZB9B+eazrT/ heZKJDErvwQJmN0EPX7NtVSdSqlV7i6SgUc0rgzrMRS6qSFC3VNjBCXtfPu2FHkc vbZYUDQl1Ldxvk2BrhRCGmcMuaeOmT5ODXzZQjsN99qmCnkwGiTpfPhTxSDhRX81 Z2SRLjMb1r27QXYaLUIfFiHAu9dgkEQ1SggAwwkeLqcNKUpAq9bxBYUClDCKR7/d TmkQBY3HlntH7ZE1wM6nUGXJHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPqUYJhq F00z+P/1ugEUyRRuLD1zMB8GA1UdIwQYMBaAFJV+UKdfvlAvOOPtvz9KquZlrhSL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEIwRS80RTZDQjRGNjgw NjkxMUVGODg3QjcwM0NDNEY5QUUwMi9sWDVRcDEtLVVDODQ0LTJfUDBxcTVtV3VG SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xYNVFwMS0tVUM4NDQtMl9QMHFxNW1XdUZJcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MEIwRS80RTZDQjRGNjgwNjkxMUVGODg3QjcwM0NDNEY5QUUwMi9sWDVRcDEtLVVD ODQ0LTJfUDBxcTVtV3VGSXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbdmMQ+ES0xAnXSEYRf2l+naBgWucsm+MeGJ1QBs+GG5sJJD5Tzlfw BhdG4KIj0Wh89TPetwZdF9L5PrJeeeTTgkH/oXol+wF40nrFhTyJmqjsPxb09aZq h4TAFu4l7ePwyRcwvQzQ8aCSZNoEQN4o9fmR4Ep8VG311T1UUl7wnAL1IG4Rgmwx RnEu92qGKX7++y2DILPhDyIzn/Ufu6GdagExFS6tMOUmIcB4su3JwnMcsfKAWhAd 0EE+k8YsRpuGE6A4JEqFKmtlfesBVZoIQxTUpbFteNB3oaT07gRwisgjJ5Nlzmx8 R279HPYwQG7iueCCJLhsM04tr3XRruWJ -----END CERTIFICATE-----Generated at Fri Aug 8 21:02:52 2025 by rpki-client